NOWCAST WDSU News at 10pm
Watch on Demand
Advertisement

A massive tech outage is causing worldwide disruptions. Here's what we know

A massive tech outage is causing worldwide disruptions. Here's what we know
ANSWER IN JUST A MOMENT. BUT WHEN IT COMES TO BUSINESSES, WE FOUND ACROSS TOWN TODAY, IT REALLY IS A CASE BY CASE BASIS. NOW, A PERFECT EXAMPLE IS ORDERING YOUR MORNING COFFEE MAYBE ON YOUR STARBUCKS APP WHILE CUSTOMERS ARE FINDING THE ORDER APP IS DOWN, YOU WOULD HAVE TO ORDER IN PERSON, BUT THE PAYMENT SYSTEMS ARE WORKING NOW. WHEN IT COMES TO HOTELS. THIS HOLIDAY INN WALTHAM THEY’RE CHECKING PEOPLE IN MANUALLY ALL DAY. WELL, THIS MORNING WE SPOKE TO A CYBERSECURITY EXPERT AND SHE DESCRIBES WHAT HAPPENED TO MILLIONS OF COMPUTERS OVERNIGHT. IS THAT CROWDSTRIKE RELEASED AN UPDATE THAT WAS IMPROPERLY FORMATTED, THAT HAD A REALLY SIGNIFICANT PROBLEM. AND SO WHEN IT WAS AUTOMATICALLY INSTALLED ON ALL OF THESE DIFFERENT COMPUTERS BELONGING TO THEIR MANY THOUSANDS OF CUSTOMERS ALL OVER THE WORLD, IT’S BEEN CRASHING WINDOWS MACHINES. NOW, AS WE SAID, IT IS A CASE BY CASE BASIS. SPECIFICALLY BACK HERE IN THE BACK BAY. NO PROBLEMS AT THE LENNOX HOTEL FOR CUSTOMERS CHECKING IN OR OUT AND THEIR PAYMENT SYSTEMS ARE UNAFFECTED. BUT NOW CYBER EXPERTS SAY MOVING FORWARD, COMPANIES WILL HAVE TO DECIDE WHETHER THEY STAY WITH A VENDOR LIKE CROWDSTRIKE OR NOT. AND SHE PREDICTS THAT MANY OTHER NEW CYBER PROTECTION COMPANIES COULD BE BORN OUT OF THIS SITUATION OVERNIGHT. AND BY THE WAY, IT DOES NOT APPEAR THAT ANY APPLE PRODUCTS WE
Advertisement
A massive tech outage is causing worldwide disruptions. Here's what we know
Much of the world faced online disarray Friday as a widespread technology outage affected companies and services across industries – grounding flights, knocking banks and hospital systems offline and media outlets off the air.At the heart of the massive disruption is CrowdStrike, a cybersecurity firm that provides software to scores of companies worldwide. The company says the problem occurred when it deployed a faulty update to computers running Microsoft Windows, noting that the issue behind the outage was not a security incident or cyberattack.CrowdStrike has said a fix is on the way. Still, chaos deepened hours after the problem was first detected.Here's what you need to know:How did Friday's global outage happen?Friday's disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, "Falcon." In a statement about the ongoing situation, the company said the defect was found "in a single content update for Windows hosts" — noting that Mac and Linux systems were not impacted.But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching.Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services during peak summer travel — disrupting thousands of flights. Banks in South Africa and New Zealand reported outages impacting payments and online services. Some news stations, particularly in Australia, were unable to broadcast for hours. Hospitals had problems with their appointment systems, leading to delays and sometimes cancelations for critical care, while officials in some U.S. states warned of 911 problems in their areas.Video above: Cybersecurity expert talks about software issue that caused CrowdStrike outagesElsewhere, people experienced more minor inconveniences, including trouble ordering ahead at Starbucks, causing long lines at some of the coffee chain's stores. Some billboards in New York City's famous Times Square also went dark.Experts stress that Friday's disruptions underscore the vulnerability of worldwide dependence on software that comes from only a handful of providers."It is an 'all our eggs are in one basket' situation," Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said in an emailed commentary. "This lets us make sure our 'basket' is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs."What is CrowdStrike?CrowdStrike is a U.S. cybersecurity company that provides software to companies around the world and across industries. It bills itself as being the globe's most advanced cloud-based security technology provider."We stop breaches," the cybersecurity firm writes on its website.According to the company's website, CrowdStrike was founded in 2011 and launched in early 2012. CrowdStrike listed on the Nasdaq exchange five years ago. Last month, the Austin, Texas company reported that its revenue rose 33% in the latest quarter from the same quarter a year earlier – logging a net profit of $42.8 million, up from $491,000 in the first quarter of last year.CrowdStrike has a partnership with Amazon Web Services and its "Falcon for Defender" security technology is designed to supplement Microsoft Defender to prevent attacks.Is there a fix?Disruptions on Friday have continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that they're working to get systems back online.Video above: Social Security Offices closed due to global network outageIn an emailed statement, Crowdstrike said that it was "actively working with customers impacted by a defect found in a single content update for Windows hosts" — adding that a fix "had been deployed" for the identified issue.Microsoft spokesperson Frank X. Shaw said that the company was "actively supporting customers to assist in their recovery." Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.While the problem is fixable, it requires some expertise. Some cybersecurity experts warn of bad actors who may reach out claiming they can help. Smaller companies or organizations with less IT resources are particularly at risk.Gartner analyst Eric Grenier noted that those impacted should make sure they're talking to trusted organizations as they work towards recovery. "Attackers will definitely prey on organizations as a result of this," he said.
NEW YORK —

Much of the world faced online disarray Friday as a widespread technology outage affected companies and services across industries – grounding flights, knocking banks and hospital systems offline and media outlets off the air.

At the heart of the massive disruption is CrowdStrike, a cybersecurity firm that provides software to scores of companies worldwide. The company says the problem occurred when it deployed a faulty update to computers running Microsoft Windows, noting that the issue behind the outage was not a security incident or cyberattack.

Advertisement

CrowdStrike has said a fix is on the way. Still, chaos deepened hours after the problem was first detected.

Here's what you need to know:

How did Friday's global outage happen?

Friday's disruptions began when a faulty update was pushed out from CrowdStrike for one of its tools, "Falcon." In a statement about the ongoing situation, the company said the defect was found "in a single content update for Windows hosts" — noting that Mac and Linux systems were not impacted.

But, because scores of companies rely on CrowdStrike for their security needs with Windows as their operating system, the consequences of this kind of technical problem have been far-reaching.

Long lines formed at airports in the U.S., Europe and Asia as airlines lost access to check-in and booking services during peak summer travel — disrupting thousands of flights. Banks in South Africa and New Zealand reported outages impacting payments and online services. Some news stations, particularly in Australia, were unable to broadcast for hours. Hospitals had problems with their appointment systems, leading to delays and sometimes cancelations for critical care, while officials in some U.S. states warned of 911 problems in their areas.

Video above: Cybersecurity expert talks about software issue that caused CrowdStrike outages

Elsewhere, people experienced more minor inconveniences, including trouble ordering ahead at Starbucks, causing long lines at some of the coffee chain's stores. Some billboards in New York City's famous Times Square also went dark.

Experts stress that Friday's disruptions underscore the vulnerability of worldwide dependence on software that comes from only a handful of providers.

"It is an 'all our eggs are in one basket' situation," Craig Shue, professor and computer science department head at Worcester Polytechnic Institute, said in an emailed commentary. "This lets us make sure our 'basket' is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs."

What is CrowdStrike?

CrowdStrike is a U.S. cybersecurity company that provides software to companies around the world and across industries. It bills itself as being the globe's most advanced cloud-based security technology provider.

"We stop breaches," the cybersecurity firm writes on its website.

According to the company's website, CrowdStrike was founded in 2011 and launched in early 2012. CrowdStrike listed on the Nasdaq exchange five years ago. Last month, the Austin, Texas company reported that its revenue rose 33% in the latest quarter from the same quarter a year earlier – logging a net profit of $42.8 million, up from $491,000 in the first quarter of last year.

CrowdStrike has a partnership with Amazon Web Services and its "Falcon for Defender" security technology is designed to supplement Microsoft Defender to prevent attacks.

Is there a fix?

Disruptions on Friday have continued hours after CrowdStrike first identified the issue. But both the company and Microsoft say that they're working to get systems back online.

Video above: Social Security Offices closed due to global network outage

In an emailed statement, Crowdstrike said that it was "actively working with customers impacted by a defect found in a single content update for Windows hosts" — adding that a fix "had been deployed" for the identified issue.

Microsoft spokesperson Frank X. Shaw said that the company was "actively supporting customers to assist in their recovery." Both CrowdStrike and Microsoft are also appearing to engage IT personnel on official online channels, such as Reddit.

While the problem is fixable, it requires some expertise. Some cybersecurity experts warn of bad actors who may reach out claiming they can help. Smaller companies or organizations with less IT resources are particularly at risk.

Gartner analyst Eric Grenier noted that those impacted should make sure they're talking to trusted organizations as they work towards recovery. "Attackers will definitely prey on organizations as a result of this," he said.

Top Picks

Rare find: Father-son lobstermen pull calico lobster from Maine waters
What is the 'American Community Survey' and is it legit?
Clint Eastwood's former California home on sale for $21 million
Meet the Navy veteran skydiving for his 91st birthday